Filtered by vendor Store-opart
Subscribe
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-50061 | 1 Store-opart | 1 Op\'art Easy Redirect | 2024-08-22 | N/A | 9.8 CRITICAL |
PrestaShop Op'art Easy Redirect >= 1.3.8 and <= 1.3.12 is vulnerable to SQL Injection via Oparteasyredirect::hookActionDispatcher(). | |||||
CVE-2023-48188 | 1 Store-opart | 1 Op\'art Devis | 2024-02-05 | N/A | 9.8 CRITICAL |
SQL injection vulnerability in PrestaShop opartdevis v.4.5.18 thru v.4.6.12 allows a remote attacker to execute arbitrary code via a crafted script to the getModuleTranslation function. | |||||
CVE-2020-16194 | 1 Store-opart | 1 Quote | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
An Insecure Direct Object Reference (IDOR) vulnerability was found in Prestashop Opart devis < 4.0.2. Unauthenticated attackers can have access to any user's invoice and delivery address by exploiting an IDOR on the delivery_address and invoice_address fields. |